Install Lighttpd, PHP, and MariaDB on Ubuntu 20

Guide to install lighttpd, php, and MariaDB on Ubuntu 20.

Lighttpd or often read as lighty is an open-source web server that is very lightweight, and can be installed together with php and MariaDB. In theory, lighttpd is superior to Apache because it tends to be lighter and has many modules.

Beforehand, make sure your operating system is updated to the latest version. Then restart the server.

# apt update
# apt upgrade -y
# reboot

Install Supporting Repository

To get the latest php updates, add the following repository.

# apt install software-properties-common  -y
# add-apt-repository -y ppa:ondrej/php
# apt update

Start installing lighttpd

# apt install -y lighttpd
# lighttpd -v

Then check your current lighttpd version. When this article was created, the latest version should be lighttpd/1.4.55. When you access your server using an IP address or a hostname/domain it should display the default page of lighttpd.

Then add the group of lighttpd.

# groupadd lighttpd
# useradd -g lighttpd -d /var/www/html -s /sbin/nologin lighttpd

Then change the ownsession of the public folder path

# chown -R lighttpd:lighttpd /var/www/html/

Install MariaDB and supporting php

# apt install -y php-{cli,gd,fpm,mysql,curl,json,xml} mariadb-server

Then setup MariaDB.

# mysql_secure_installation

~# mysql_secure_installation


In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Then make sure you have saved the root password because it is very important. Make sure not to lose or forget.

Make minor adjustments to the php-fpm settings that will be used.

# mv /etc/php/8.1/fpm/pool.d/www.conf /etc/php/8.1/fpm/pool.d/lighttpd.conf

Change some of the following parameters:

# nano /etc/php/8.1/fpm/pool.d/lighttpd.conf 

Change [www] to [lighttpd]

Change user = www-data to user = lighttpd

Change group = www-data to group = lighttpd

Change listen = /run/php/php8.1-fpm.sock to listen = /run/php/php8.1-lighttpd-fpm.sock

Then restart the php-fpm service.

# service php8.1-fpm restart

Configure lighttpd

Enable cgi and php modules on lighttpd. Then force reload the lighttpd service.

# lighttpd-enable-mod fastcgi
# lighttpd-enable-mod fastcgi-php
# service lighttpd force-reload

Then configure PHP and do a little customization. We backup first.

# cp -p /etc/lighttpd/conf-enabled/15-fastcgi-php.conf /etc/lighttpd/conf-enabled/15-fastcgi-php.conf-ori

Clear the previous configuration.

#  >/etc/lighttpd/conf-enabled/15-fastcgi-php.conf
# nano /etc/lighttpd/conf-enabled/15-fastcgi-php.conf

Then fill in the following text

fastcgi.server += ( ".php" =>
"socket" => "/run/php/php8.1-lighttpd-fpm.sock",
"broken-scriptfilename" => "enable"

Then restart the lighttpd service

# service lighttpd restart

Now lighttpd is ready to use. But if you want to add SSL, then there are some additional adjustments.

Install Cerbot. Then install it on the domain, where this domain is the name of your website.

# apt install -y certbot
# certbot certonly --webroot -w /var/www/html/ -d domain

Now enable the ssl module and then update the ssl configuration

# lighttpd-enable-mod ssl
# nano /etc/lighttpd/conf-enabled/10-ssl.conf

$HTTP["scheme"] == "http" {
$HTTP["host"] == "nama.domain.anda" {
url.redirect = ("/.*" => "https://nama.domain.anda$0")

$SERVER["socket"] == "" {
ssl.engine = "enable"
ssl.pemfile = "/etc/letsencrypt/live/nama.domain.anda/fullchain.pem"
ssl.privkey = "/etc/letsencrypt/live/nama.domain.anda/privkey.pem"
ssl.cipher-list = "HIGH"

Save the file and then restart lighttpd.

# service lighttpd restart

Your domain name is now equipped with SSL. And by default, when accessed without https it will automatically point to https.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.